Privacy Policy

I. Introduction

Security and the proper use of personal data are of utmost importance to both our visitors and the team at Mobigrab Ltd. Therefore, it is essential for us that you clearly understand why and how we process your personal information in connection with your use of the website Mobigrab.com and our services.

This Privacy Policy aims to explain in a transparent manner what personal data we process, why, and how we do it, including instances where it is necessary to share data with third parties (such as our trusted partners). Additionally, this document provides information regarding your rights concerning the processing of personal data by Mobigrab Ltd.

We process personal data in strict compliance with the applicable Bulgarian legislation and Regulation (EU) 2016/679 (GDPR).

The website does not offer user registration and does not collect comments, but it contains several forms through which visitors voluntarily submit information.

II. What Personal Data We Collect

1. Data provided through inquiry forms

When you submit an inquiry for a service (web development, SEO optimization, maintenance, marketing, technical audit, etc.), we process the following data:

• Name (if provided)
• Email address
• Phone number (if provided)
• Website URL (if applicable)
• Description of your needs or project
• Any other information you voluntarily include in your message

Purpose of processing:

• To respond to your inquiry
• To provide you with a quote or consultation
• To facilitate follow-up communication, should there be interest

Legal basis:

• Art. 6, para. 1, letter (b) of the GDPR – taking steps at your request prior to entering into a contract
• or legitimate interest for general inquiries

2. Data provided through the SEO audit form

When requesting an SEO audit, we process:

• Email address
• Name / Company name (if provided)
• URL of the analyzed website
• Additional SEO information (optional)

Purpose of processing:

• Preparation of the SEO audit
• Delivery of results and recommendations
• Follow-up communication, if requested

Legal basis:

• Art. 6, para. 1, letter (b) of the GDPR – performance of a service at your request.

3. Data provided upon newsletter subscription

When you subscribe to our information newsletter through the form on the website, we process:

• Your email address
• Engagement data (opens, link clicks) – via Brevo tracking technologies.

Purpose of processing: Sending news, useful tips, marketing offers, and information about our services.

Legal basis: Art. 6, para. 1, letter (a) of the GDPR – your explicit consent. You may withdraw your consent at any time by clicking the "Unsubscribe" link at the bottom of every email.

4. Technical data and server logs

In order to ensure stability, error diagnostics, and protection against cyberattacks (such as DDoS or unauthorized access), our hosting infrastructure (Google Cloud Platform) automatically collects and stores technical information in server logs.

Data we process:

• IP address (masked or in full for security purposes).
• Browser and operating system information.
• Date and exact time of access.
• URLs visited on our website.
• Request results (HTTP status codes, errors, or successful loads).

Purpose of processing: Ensuring the technical integrity of the website, optimizing user experience, and identifying malicious activity.

Legal basis: Legitimate interest according to Art. 6, para. 1, letter (f) of the GDPR. Maintaining a secure and functioning web environment is critical for both our operations and the security of your data.

Retention period: This data is stored temporarily for a period of up to 30 days (or according to the standard settings of Google Cloud Logging), except in cases where it is necessary for the investigation of a specific security incident.

5. Cookies

Our website uses "cookies" to ensure its proper functioning, traffic analysis, and marketing purposes.

Types of cookies we use:

• Necessary: These cookies are essential for the website to function, such as remembering your privacy preferences and ensuring protection against fraud and security threats.
• Functional and Marketing: Provided by Brevo to ensure the proper functioning of subscription forms and marketing automation. These help us understand if our content is relevant and useful to you.
• Analytics: We use Google Analytics 4 (integrated via Google Consent Mode v2) to collect anonymized visitor statistics. These cookies are activated only after your explicit consent is provided on our website.

You can change your settings or withdraw your consent at any time via the settings button at the bottom of the screen.

Note: When viewing embedded content from third parties (such as YouTube videos or Google Maps), these platforms may set their own cookies, over which Mobigrab Ltd has no direct control.

III. Data Sharing

We do not sell, rent, or trade your personal data to third parties for their marketing purposes. We share information only with trusted partners (data processors) necessary for the technical operation of the website:

• Hosting and Cloud Service Providers: We use the infrastructure of Google Cloud Platform (GCP) for the storage and operation of the website.
• Email Marketing Services (Newsletter): We use the platform Brevo (Sendinblue SAS, France) to manage our email lists and send newsletters. Your data is stored on servers within the EU.
• Google Analytics (Google Ireland Limited): For user behavior analysis. Data is sent in an anonymized format, unless you have given explicit consent for marketing features via our cookie banner.
• Transactional Email Providers: For sending messages from our contact forms, we use Resend (Resend Labs Inc.). They process your data temporarily (name, email, and message content) to ensure reliable delivery to us.When using services like Resend, data may be transferred to servers in the USA. We ensure the security of this transfer by implementing Standard Contractual Clauses (SCCs) and complying with the EU-U.S. Data Privacy Framework.
• Public Authorities and Institutions: Only in cases where we are legally obligated under applicable law (e.g., during investigations of cybercrime).

IV. Data Retention Periods

We store your personal data only for the period necessary to fulfill the purposes for which it was collected, or in accordance with legal and statutory requirements:

• Inquiries via contact forms: Up to 12 months after the completion of communication or until a service contract is signed.
• SEO audit requests: Up to 12 months for statistical purposes and improvement tracking, unless you request earlier deletion.
• Technical and server logs: Up to 90 days (in accordance with the standard security policies of Google Cloud Platform), except when necessary for incident investigation.
• Newsletter subscription: Until you withdraw your consent (via the unsubscribe link) or until we discontinue the newsletter service.

Upon expiration of the specified periods, the data is permanently deleted or anonymized for statistical purposes.

V. Your Rights under GDPR

You have the following rights regarding your personal data:

• Access: To request information about whether and what personal data we store;
• Rectification: To request changes to inaccurate or incomplete personal data;
• Erasure (The Right to be Forgotten): To request the removal of your data from our systems;
• Restriction and Objection: To stop or restrict the processing of your data for specific purposes;
• Data Portability: To receive your data in a structured, commonly used format for transfer;
• Withdrawal of Consent: To terminate your newsletter subscription or other services at any time.

How to exercise your rights?

For any of the requests listed above, please contact us at: support@mobigrab.com or write to us via the website form. We will process your request within the legally mandated period of 30 days.

VI. Contact Information